5 Authentication PROVE that you are who you claim to be 1 to 1 mapping Authentication factors: What I KNOW (eg: password) What I OWN (eg: OTP, smart card, smartphone) What I AM (eg: biometry) One authentication methods can rely on several factors! 5

15 Access Control - definition Controlling which operations on which ressources are allowed to be performed by which entities Eg: Is Sophie allowed to perform the print operation on the printer IR2750C? Not only a matter of IT (eg: Building access control) At several OSI layers: File / application (eg: unix, allowed to execute such a file) Firewall: ip + port access control Eg: ethernet address access control 15

17 Discretionary Access Control Based on requester identity Capability List o a ressource list and the associated rights for each requester.. Or by ACL - Access Control List Targets/ressources o A requester list and their rights per ressource Requesters ACL of the j ressource Rights of the requester i on the ressource j CL of the requester i

18 Mandatory Access Control Based on the resource sensibility (security label) the granted level of the requester AKA Bell-La Padula model No read-up No write-down 22

34 Firewall policy Set of rules Example: Block all outgoing FTP traffic except from host to host Allow only a subset of commands of the SIP protocol Least privilege principle: The last evaluated rule has to be o Deny All traffic from any network to any network 41

38 Proxy - features Policy: Filtering at the application level o Similar to Deep-Packet Inspection eg: HTTP URL filtering DNS: blacklist Caching o Accelerating some requests o (eg: Forward proxy loading static content from google.fr from its cache rather than fetching it again from the Internet) Logging o Each corporation providing an internet access has to log requests (liability issues) the policy could be dependent of the authenticated user/comp. 52

A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ

Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton

FIREWALLS & CBAC philip.heimer@hh.se Implementing a Firewall Personal software firewall a software that is installed on a single PC to protect only that PC All-in-one firewall can be a single device that

Castle and Moat Analogy 2 More like the moat around a castle than a firewall Restricts access from the outside Restricts outbound connections, too (!!) Important: filter out undesirable activity from internal

Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network

Firewalls and VPNs Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to: Understand firewall technology and the various approaches

What is Firewall? A system designed to prevent unauthorized access to or from a private network. What is Firewall? (cont d) Firewall is a set of related programs, located at a network gateway server. Firewalls

Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:

Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,

s (March 4, 2015) Abdou Illia Spring 2015 Test your knowledge Which of the following is true about firewalls? a) A firewall is a hardware device b) A firewall is a software program c) s could be hardware

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology

CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access

FIREWALL AND NAT Lecture 7a COMPSCI 726 Network Defence and Countermeasures Muhammad Rizwan Asghar August 3, 2015 Source of most of slides: University of Twente FIREWALL An integrated collection of security

Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of

Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also

ΕΠΛ 674: Εργαστήριο 5 Firewalls Παύλος Αντωνίου Εαρινό Εξάμηνο 2011 Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized

Linux firewall Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users Linux firewall Linux is a open source operating system and any firewall

Networks, the Internet Tool support CS2107 Introduction to Information and System Security (Slide set 8) National University of Singapore School of Computing July, 2015 CS2107 Introduction to Information

ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l08, Steve/Courses/2013/s2/its335/lectures/firewalls.tex,

Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Microsoft Forefront TMG How to use TMG network templates Abstract In this article I will show

Proxy Server, Network Address Translator, Firewall 1 Proxy Server 2 1 Introduction What is a proxy server? Acts on behalf of other clients, and presents requests from other clients to a server. Acts as

Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls

Application Note Configuring SSL VPN on the Cisco ISA500 Security Appliance This application note describes how to configure SSL VPN on the Cisco ISA500 security appliance. This document includes these

CSC574 - Computer and Network Security Module: Firewalls Prof. William Enck Spring 2013 1 Firewalls A firewall... is a physical barrier inside a building or vehicle, designed to limit the spread of fire,

Smart Tips Enabling WAN Load Balancing Overview Many small businesses today use broadband links such as DSL or Cable, favoring them over the traditional link such as T1/E1 or leased lines because of the